Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/bWTDd3rX7dNo1NnpOFdCGNPnyrg.roa
File: bWTDd3rX7dNo1NnpOFdCGNPnyrg.roa (raw, json)
Hash identifier: ExPfaP/vM5P2xy3sa+rYSjt8u8lJXTFQLqyMSqBuA6Q=
Subject key identifier: 6D:64:C3:77:7A:D7:ED:D3:68:D4:D9:E9:38:57:42:18:D3:E7:CA:B8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 633A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bWTDd3rX7dNo1NnpOFdCGNPnyrg.roa
Signing time: Thu 22 May 2025 16:40:53 +0000
ROA not before: Thu 22 May 2025 16:40:53 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25402 (0x633a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 22 16:40:53 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=6D64C3777AD7EDD368D4D9E938574218D3E7CAB8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:05:60:24:e2:08:45:9d:18:e3:05:6f:9b:63:
a3:ba:6d:f7:d7:49:07:d4:14:4c:68:55:73:00:c8:
99:7f:15:42:6d:5a:6f:b7:1d:5a:b1:21:e6:98:85:
11:d8:39:33:77:49:64:b4:25:dc:e7:3a:e6:79:88:
69:7d:33:5c:b0:aa:df:9e:cc:5c:b0:b3:46:8c:1c:
12:b8:44:e3:33:e6:5a:52:71:ce:ae:99:24:63:4d:
6b:51:07:92:af:42:14:40:f2:f4:d7:4c:0c:f1:fe:
77:24:e2:1d:d7:47:5c:87:09:96:5c:90:49:f9:5a:
35:f1:78:71:b2:70:cc:fd:54:16:9a:69:fb:4c:f2:
90:4b:fc:eb:64:b2:27:3f:94:b8:db:0d:44:a3:ff:
a0:42:40:03:6b:50:56:6d:bf:25:34:d1:0e:06:d8:
1d:78:c0:56:ff:4d:cb:ee:af:98:04:02:fe:dd:ae:
a6:ac:b9:4f:08:0c:b4:8b:f4:28:16:87:20:12:a6:
32:cb:ed:e0:c7:7e:a8:ab:af:37:b9:19:9d:05:3a:
24:95:e7:20:ce:0b:e0:94:57:99:72:ce:72:e4:e7:
e9:74:59:01:f4:72:21:ec:c9:ab:46:3b:47:26:a2:
c1:b2:21:3e:d9:dc:14:8b:03:12:5d:d7:57:9f:bd:
c9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:64:C3:77:7A:D7:ED:D3:68:D4:D9:E9:38:57:42:18:D3:E7:CA:B8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bWTDd3rX7dNo1NnpOFdCGNPnyrg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
81:3c:90:77:4d:ad:13:47:a3:17:e2:8e:7f:a3:d9:f1:54:d3:
4a:50:61:72:a8:19:e1:dc:a8:ec:0d:f4:45:05:c5:e3:7e:c9:
d1:dc:54:b9:c0:fd:2d:de:09:aa:c0:b7:74:6e:9a:28:a4:af:
fd:e5:71:70:df:d8:8f:b1:a8:24:6d:01:52:a1:28:53:cf:81:
6a:f8:ea:96:e9:3b:b4:fd:8a:a6:b7:86:d4:60:2a:d5:82:70:
db:e6:ed:de:2d:4e:a8:1c:b9:c8:3c:84:fd:74:19:06:e4:92:
2b:0a:5b:ed:9b:ad:d0:07:31:45:66:53:c9:91:60:2d:19:40:
14:75:5c:9e:c1:2e:ba:21:40:4b:20:ac:c8:6d:89:a7:f3:25:
e0:6b:7f:83:97:67:00:6b:a4:22:b8:57:15:d8:3a:53:8a:db:
17:b6:aa:7f:fe:44:71:e1:5c:19:24:08:74:c2:d1:64:c5:0a:
73:dc:e8:1e:87:97:11:af:81:bc:9b:36:ca:3c:b4:52:7a:98:
f9:43:1c:4f:97:c7:55:b4:c1:22:9a:63:96:25:b5:b2:40:0b:
53:39:81:0d:18:8a:07:95:a3:9d:d1:45:e5:ad:0e:98:1c:63:
86:67:93:d6:64:ac:d3:42:6c:8d:b9:00:e9:10:ea:a6:9b:5f:
9c:5d:58:fe
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYzowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjIx
NjQwNTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDZENjRDMzc3N0FEN0VE
RDM2OEQ0RDlFOTM4NTc0MjE4RDNFN0NBQjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoBWAk4ghFnRjjBW+bY6O6bffXSQfUFExoVXMAyJl/FUJtWm+3
HVqxIeaYhRHYOTN3SWS0JdznOuZ5iGl9M1ywqt+ezFyws0aMHBK4ROMz5lpScc6u
mSRjTWtRB5KvQhRA8vTXTAzx/nck4h3XR1yHCZZckEn5WjXxeHGycMz9VBaaaftM
8pBL/Otksic/lLjbDUSj/6BCQANrUFZtvyU00Q4G2B14wFb/Tcvur5gEAv7drqas
uU8IDLSL9CgWhyASpjLL7eDHfqirrze5GZ0FOiSV5yDOC+CUV5lyznLk5+l0WQH0
ciHsyatGO0cmosGyIT7Z3BSLAxJd11efvcnJAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUbWTDd3rX7dNo1NnpOFdCGNPnyrgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2JXVERkM3JYN2RObzFO
bnBPRmRDR05QbnlyZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCBPJB3
Ta0TR6MX4o5/o9nxVNNKUGFyqBnh3KjsDfRFBcXjfsnR3FS5wP0t3gmqwLd0bpoo
pK/95XFw39iPsagkbQFSoShTz4Fq+OqW6Tu0/Yqmt4bUYCrVgnDb5u3eLU6oHLnI
PIT9dBkG5JIrClvtm63QBzFFZlPJkWAtGUAUdVyewS66IUBLIKzIbYmn8yXga3+D
l2cAa6QiuFcV2DpTitsXtqp//kRx4VwZJAh0wtFkxQpz3Ogeh5cRr4G8mzbKPLRS
epj5QxxPl8dVtMEimmOWJbWyQAtTOYENGIoHlaOd0UXlrQ6YHGOGZ5PWZKzTQmyN
uQDpEOqmm1+cXVj+
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:25:32 2025 by rpki-client